<?php
	require_once 'environment.php';
	//Admins only!
	if(!$acc->isLogged()) die(change_site("account.php"));
	//The submenus...
	$temp->currentPage("Home >> Account >> Change Password");
	$temp->addSubMenu("Create Account", "createAccount.php");
	$temp->addSubMenu("Change Password", "editAccount.php");
	$temp->addSubMenu("Delete Account", "deleteAccount.php");
	$temp->addSubMenu("Logout", "account.php?action=Logout");
	//This selects the account tab and then the create account tab...
	$temp->setTab(9, 1);
	
	if(fixArr($_POST, "nPass")) {
		$posted = true;
	}else{
		$posted = false;
		$temp->addJS("function validate() {
		var form = document.newPass;
		var warn = document.getElementById(\"warn\");
		if(form.nPass.value == \"\" || form.cnPass.value == \"\" || form.oPass.value == \"\"){
			warn.innerHTML = \"You must fill out all fields!<br />\";
			return false;
		}else if(form.nPass.value != form.cnPass.value) {
			warn.innerHTML = \"Your confirmation did not match.<br />\";
			return false;
		}else if(form.nPass.value.length < 6) {
			warn.innerHTML = \"Your password must be at least 6 characters!<br />\";
			return false;
		}
		return true;
	}");
	}

	$temp->generate();

	function throwErr($where, $err) {
		$err = urlencode($err);
		print change_site($where."?error=".$err);
	}
	
	if(!$posted) {
		print "<form method=\"POST\" name=\"newPass\" action=\"\" onsubmit=\"return validate();\">\n";
		print "<span id=\"warn\" style=\"color: red;\">".(fixArr($_GET, "error") ? fixArr($_GET, "error")."<br />\n" : "")."</span>";
		print "<label>Old Password: <input type=\"password\" name=\"oPass\" /></label><br />\n";
		print "<label>New password: <input type=\"password\" name=\"nPass\" /></label><br />\n";
		print "<label>Confirm password: <input type=\"password\" name=\"cnPass\" /></label><br />\n";
		print "<input type=\"submit\" value=\"Change\" /> <input type=\"Reset\" value=\"Clear\" />\n";
		print "</form>\n";
	}else{
		if($acc->editAdmin(fixArr($_POST, "nPass"), fixArr($_POST, "oPass"))) {
			print "You have successfully changed your password!";
		}else {
			throwErr("editAccount.php","Something was wrong. Please make sure you filled out all fields properly.");
			die();
		}
	}
?>